upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-22 15:49:34 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Move RDN checks to entry_schema_check() so that it is consistently

Browse source 
applied (and disabled via schemacheck off).  Removed add-rdn-values flag.
This commit is contained in:
Kurt Zeilenga 2003-02-07 20:12:26 +00:00
parent cb0a009dca
commit c315e28779
5 changed files with 49 additions and 164 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

131
servers/slapd/add.c
View file

@ -47,8 +47,6 @@ do_add( Connection *conn, Operation *op )
Modifications **modtail = &modlist; Modifications **modtail = &modlist;
Modifications tmp; Modifications tmp;
const char *text; const char *text;
LDAPRDN *rdn = NULL;
int cnt;
int rc = LDAP_SUCCESS; int rc = LDAP_SUCCESS;
int manageDSAit; int manageDSAit;
#ifdef LDAP_SLAPI #ifdef LDAP_SLAPI
@ -201,135 +199,6 @@ do_add( Connection *conn, Operation *op )
goto done; goto done;
} }
/*
* Get attribute type(s) and attribute value(s) of our rdn,
*/
if ( ldap_bv2rdn( &e->e_name, &rdn, (char **)&text,
LDAP_DN_FORMAT_LDAP ) )
{
send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX,
NULL, "unknown type(s) used in RDN",
NULL, NULL );
goto done;
}
/* Check for RDN attrs in entry */
for ( cnt = 0; rdn[ 0 ][ cnt ]; cnt++ ) {
AttributeDescription *desc = NULL;
Modifications *mod;
MatchingRule *mr;
int i;
rc = slap_bv2ad( &rdn[ 0 ][ cnt ]->la_attr,
&desc, &text );
if ( rc != LDAP_SUCCESS ) {
send_ldap_result( conn, op, rc,
NULL, text, NULL, NULL );
goto done;
}
for (mod = modlist; mod; mod = mod->sml_next) {
AttributeDescription *mod_desc = NULL;
rc = slap_bv2ad( &mod->sml_type,
&mod_desc, &text );
if ( rc != LDAP_SUCCESS ) {
send_ldap_result( conn, op, rc,
NULL, text, NULL, NULL );
goto done;
}
if (mod_desc == desc) {
break;
}
}
if (mod == NULL) {
if ( !global_add_rdn_values ) {
/* bail out */
send_ldap_result( conn, op,
rc = LDAP_NO_SUCH_ATTRIBUTE,
NULL,
"RDN attribute value assertion not present in entry",
NULL, NULL );
goto done;
} else {
struct berval bv;
/* add attribute type and value to modlist */
mod = (Modifications *) ch_malloc( sizeof(Modifications) );
mod->sml_op = LDAP_MOD_ADD;
mod->sml_next = NULL;
mod->sml_desc = NULL;
ber_dupbv( &mod->sml_type,
&rdn[ 0 ][ cnt ]->la_attr );
mod->sml_bvalues = NULL;
ber_dupbv( &bv, &rdn[ 0 ][ cnt ]->la_value );
ber_bvarray_add( &mod->sml_bvalues, &bv );
*modtail = mod;
modtail = &mod->sml_next;
continue;
}
}
mr = desc->ad_type->sat_equality;
if (mr == NULL || !mr->smr_match ) {
/* bail out */
send_ldap_result( conn, op,
rc = LDAP_INVALID_SYNTAX,
NULL,
"attribute in RDN lacks matching rule",
NULL, NULL );
goto done;
}
for (i = 0; mod->sml_bvalues[ i ].bv_val; i++) {
int match = 0;
rc = value_match(&match, desc, mr,
SLAP_MR_VALUE_SYNTAX_MATCH,
&mod->sml_bvalues[ i ],
&rdn[ 0 ][ cnt ]->la_value, &text);
if ( rc != LDAP_SUCCESS ) {
send_ldap_result( conn, op, rc,
NULL, text, NULL, NULL);
goto done;
}
if (match == 0) {
break;
}
}
/* not found? */
if (mod->sml_bvalues[ i ].bv_val == NULL) {
if ( !global_add_rdn_values ) {
/* bailout */
send_ldap_result( conn, op,
rc = LDAP_NO_SUCH_ATTRIBUTE,
NULL,
"value in RDN not listed in entry",
NULL, NULL );
goto done;
} else {
struct berval bv;
/* add attribute type and value to modlist */
ber_dupbv( &bv, &rdn[ 0 ][ cnt ]->la_value );
ber_bvarray_add( &mod->sml_bvalues, &bv );
continue;
}
}
}
manageDSAit = get_manageDSAit( op ); manageDSAit = get_manageDSAit( op );
/* /*

30
servers/slapd/config.c
View file

@ -1727,36 +1727,6 @@ read_config( const char *fname, int depth )
global_schemacheck = 1; global_schemacheck = 1;
} }
/* turn on/off rdn value add */
} else if ( strcasecmp( cargv[0], "add-rdn-values" ) == 0 ) {
if ( cargc < 2 ) {
#ifdef NEW_LOGGING
LDAP_LOG( CONFIG, CRIT,
"%s: line %d: missing on|off in \"add-rdn-values <on|off>\""
" line.\n", fname, lineno , 0 );
#else
Debug( LDAP_DEBUG_ANY,
"%s: line %d: missing on|off in \"add-rdn-values <on|off>\" line\n",
fname, lineno, 0 );
#endif
return( 1 );
}
if ( strcasecmp( cargv[1], "on" ) == 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( CONFIG, CRIT,
"%s: line %d: add-rdn-values enabled! your mileage may vary!\n",
fname, lineno , 0 );
#else
Debug( LDAP_DEBUG_ANY,
"%s: line %d: add-rdn-values enabled! your mileage may vary!\n",
fname, lineno, 0 );
#endif
global_add_rdn_values = 1;
} else {
global_add_rdn_values = 0;
}
/* specify access control info */ /* specify access control info */
} else if ( strcasecmp( cargv[0], "access" ) == 0 ) { } else if ( strcasecmp( cargv[0], "access" ) == 0 ) {
parse_acl( be, fname, lineno, cargc, cargv ); parse_acl( be, fname, lineno, cargc, cargv );

1
servers/slapd/proto-slap.h
View file

@ -1107,7 +1107,6 @@ LDAP_SLAPD_V (slap_access_t) global_default_access;
LDAP_SLAPD_V (int) global_gentlehup; LDAP_SLAPD_V (int) global_gentlehup;
LDAP_SLAPD_V (int) global_idletimeout; LDAP_SLAPD_V (int) global_idletimeout;
LDAP_SLAPD_V (int) global_schemacheck; LDAP_SLAPD_V (int) global_schemacheck;
LDAP_SLAPD_V (int) global_add_rdn_values;
LDAP_SLAPD_V (char *) global_host; LDAP_SLAPD_V (char *) global_host;
LDAP_SLAPD_V (char *) global_realm; LDAP_SLAPD_V (char *) global_realm;
LDAP_SLAPD_V (char *) default_passwd_hash; LDAP_SLAPD_V (char *) default_passwd_hash;

50
servers/slapd/schema_check.c
View file

@ -212,11 +212,59 @@ entry_schema_check(
} else if ( sc != oc ) { } else if ( sc != oc ) {
snprintf( textbuf, textlen, snprintf( textbuf, textlen,
"structural object class modification from '%s' to '%s' not allowed", "structural object class modification "
"from '%s' to '%s' not allowed",
asc->a_vals[0].bv_val, nsc.bv_val ); asc->a_vals[0].bv_val, nsc.bv_val );
return LDAP_NO_OBJECT_CLASS_MODS; return LDAP_NO_OBJECT_CLASS_MODS;
} }
{ /* naming check */
LDAPRDN *rdn;
const char *p;
ber_len_t cnt;
/*
* Get attribute type(s) and attribute value(s) of our RDN
*/
if ( ldap_bv2rdn( &e->e_name, &rdn, (char **)&p,
LDAP_DN_FORMAT_LDAP ) )
{
*text = "unrecongized attribute type(s) in RDN";
return LDAP_INVALID_DN_SYNTAX;
}
/* Check that each AVA of the RDN is present in the entry */
/* FIXME: Should also check that each AVA lists a distinct type */
for ( cnt = 0; rdn[0][cnt]; cnt++ ) {
LDAPAVA *ava = rdn[0][cnt];
AttributeDescription *desc = NULL;
Attribute *attr;
const char *errtext;
rc = slap_bv2ad( &ava->la_attr, &desc, &errtext );
if ( rc != LDAP_SUCCESS ) {
snprintf( textbuf, textlen, "%s (in RDN)", errtext );
return rc;
}
/* find the naming attribute */
attr = attr_find( e->e_attrs, desc );
if ( attr == NULL ) {
snprintf( textbuf, textlen,
"naming attribute '%s' is not present in entry",
ava->la_attr );
return LDAP_NO_SUCH_ATTRIBUTE;
}
if ( value_find( desc, attr->a_vals, &ava->la_value ) != 0 ) {
snprintf( textbuf, textlen,
"value of naming attribute '%s' is not present in entry",
ava->la_attr );
return LDAP_NO_SUCH_ATTRIBUTE;
}
}
}
#ifdef SLAP_EXTENDED_SCHEMA #ifdef SLAP_EXTENDED_SCHEMA
/* find the content rule for the structural class */ /* find the content rule for the structural class */
cr = cr_find( sc->soc_oid ); cr = cr_find( sc->soc_oid );

1
servers/slapd/schemaparse.c
View file

@ -17,7 +17,6 @@
#include "ldap_schema.h" #include "ldap_schema.h"
int global_schemacheck = 1; /* schemacheck ON is default */ int global_schemacheck = 1; /* schemacheck ON is default */
int global_add_rdn_values = 0; /* bail out if rdn values do not match entry values is default */
static void oc_usage(void); static void oc_usage(void);
static void at_usage(void); static void at_usage(void);